CVE-2004-2730

Currently unrated

Key Information:

Vendor: Microsoft
Status: Psshutdown; Psservice; Psgetsid; Pspasswd
Vendor: CVE Published:; 31 December 2004

Summary

Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping.

References

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=...

x_refsource_MISC

http://www.securityfocus.com/bid/10759

vdb-entryx_refsource_BID

http://secunia.com/advisories/12108

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 8, 2007
Vulnerability published
Dec 31, 2004

Collectors

NVD DatabaseMitre Database